by tcp_handshaker 41 days ago
It seems Ubuntu infra is hosted at a cloud provider? All have the mechanisms to protect from these types of attacks. Is this an architecture design failure?
2 comments

Which cloud provider? Unless things have changed, Canonical runs their own servers by leasing racks in data centres. Since one of their main offerings is managed OpenStack, they favor running things on their in-house OpenStack deployment instead of using a public cloud (AWS etc).
If the DDoS is from residential proxies and high volume it becomes a real problem to shut down.
It can't be shut down if the means are there; if the attacker's means are superior to the target's, then it can remain permanently offline. Talking from experience.
I have personally been involved with law enforcement in foreign countries that have raided houses with shotguns and flash bangs against Command and Control (C2) infra.

BGP FlowSpec helps a lot to prevent shunting the target IP/route completely; it's not as bad as in the old days.